General
Target: file.exe
Size: 216KB
Sample: 221220-xs71laag44
MD5: 0f72a0242a1cfa4af571328687d73b90
SHA1: 1b3af5d6e9ca50592211e3a29e65a1c7817c6e5e
SHA256: 618eb7d2b5bd2e32203d01e076ce78fb580f4af7a3a417ec800d8d726b333df3
SHA512: 0b318e94d76d660673bb0ebc4440889e48eea1be3df08a176190dbc3efefbfbf6bbf53a7f035c7f0fa7d4b40d829bcf0308eb04a40e7cdb8dcba28ed056228f5
SSDEEP: 3072:9mDhL7HoV5Kzo8XKC0z77KeYGe5+hx7szW7b/zNHCDml:AdLTHzTaz77KeeK6S5Ca
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: file.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: file.exe
- Detects Smokeloader packer
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Sets DLL path for service in the registry
- Sets service image path in registry
- Loads dropped DLL
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.